diff options
author | Ade Lee <alee@redhat.com> | 2013-01-07 16:38:25 -0500 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2013-01-07 17:44:39 -0500 |
commit | b8e407aa83f3ff4a4feea049e4ada54853b39f4d (patch) | |
tree | 4b438100761b5c8db71f966769f95cc8c768f5fc | |
parent | b61f31bf15e733de5881cc070feb57aa3686c92d (diff) | |
download | pki-b8e407aa83f3ff4a4feea049e4ada54853b39f4d.tar.gz pki-b8e407aa83f3ff4a4feea049e4ada54853b39f4d.tar.xz pki-b8e407aa83f3ff4a4feea049e4ada54853b39f4d.zip |
Increase root CA validity to 20 years
Trac Ticket #466
4 files changed, 5 insertions, 5 deletions
diff --git a/base/ca/shared/conf/caCert.profile b/base/ca/shared/conf/caCert.profile index 3e9c83613..4cd22bafb 100644 --- a/base/ca/shared/conf/caCert.profile +++ b/base/ca/shared/conf/caCert.profile @@ -9,7 +9,7 @@ profileSetIDMapping=caCertSet list=2,4,5,6,7,8 2.default.class=com.netscape.cms.profile.def.CAValidityDefault 2.default.name=CA Certificate Validity Default -2.default.params.range=2922 +2.default.params.range=7305 2.default.params.startTime=0 4.default.class=com.netscape.cms.profile.def.AuthorityKeyIdentifierExtDefault 4.default.name=Authority Key Identifier Default diff --git a/base/ca/shared/profiles/ca/caCACert.cfg b/base/ca/shared/profiles/ca/caCACert.cfg index a88abdf1f..36f81b53b 100644 --- a/base/ca/shared/profiles/ca/caCACert.cfg +++ b/base/ca/shared/profiles/ca/caCACert.cfg @@ -20,12 +20,12 @@ policyset.caCertSet.1.default.name=Subject Name Default policyset.caCertSet.1.default.params.name= policyset.caCertSet.2.constraint.class_id=validityConstraintImpl policyset.caCertSet.2.constraint.name=Validity Constraint -policyset.caCertSet.2.constraint.params.range=2922 +policyset.caCertSet.2.constraint.params.range=7305 policyset.caCertSet.2.constraint.params.notBeforeCheck=false policyset.caCertSet.2.constraint.params.notAfterCheck=false policyset.caCertSet.2.default.class_id=caValidityDefaultImpl policyset.caCertSet.2.default.name=CA Certificate Validity Default -policyset.caCertSet.2.default.params.range=2922 +policyset.caCertSet.2.default.params.range=7305 policyset.caCertSet.2.default.params.startTime=0 policyset.caCertSet.3.constraint.class_id=keyConstraintImpl policyset.caCertSet.3.constraint.name=Key Constraint diff --git a/base/common/src/com/netscape/cms/profile/def/CAValidityDefault.java b/base/common/src/com/netscape/cms/profile/def/CAValidityDefault.java index e3b834ce5..44ffd474f 100644 --- a/base/common/src/com/netscape/cms/profile/def/CAValidityDefault.java +++ b/base/common/src/com/netscape/cms/profile/def/CAValidityDefault.java @@ -100,7 +100,7 @@ public class CAValidityDefault extends EnrollDefault { if (name.equals(CONFIG_RANGE)) { return new Descriptor(IDescriptor.STRING, null, - "2922", /* 8 years */ + "7305", /* 20 years */ CMS.getUserMessage(locale, "CMS_PROFILE_VALIDITY_RANGE")); } else if (name.equals(CONFIG_START_TIME)) { diff --git a/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java b/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java index 0c31fb0a8..b649c7076 100644 --- a/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java +++ b/base/common/src/com/netscape/cms/profile/def/ValidityDefault.java @@ -90,7 +90,7 @@ public class ValidityDefault extends EnrollDefault { if (name.equals(CONFIG_RANGE)) { return new Descriptor(IDescriptor.STRING, null, - "2922", + "7305", CMS.getUserMessage(locale, "CMS_PROFILE_VALIDITY_RANGE")); } else if (name.equals(CONFIG_START_TIME)) { |